Welcome Guest, Not a member yet? Register   Sign In
Suppress all PHP errors
#1

[eluser]Unknown[/eluser]
Is there a way on my live site to suppress all PHP errors? The type that crop up if you manually meddle with ID's etc that are being sent to controllers for processing...

I'd rather a blank or a generic controlled error page to be displayed than for example:

A PHP Error was encountered
Severity: Warning
Message: mktime() expects parameter 6 to be long, string given
Filename: controllers/search.php
Line Number: 675

These errors only show up if you make extra effort to break a page, however I'd like no one to see any errors no matter how hard they try.

Thanks, n.
#2

[eluser]Michael Wales[/eluser]
Write your code in terms it doesn't trust the user - the user should be able to change anything in your URL and you will gracefully degrade for them:

Example URL: example.com/user/profile/walesmd
Code:
function profile($username = FALSE) {
  if ($username === FALSE) {
    redirect('users/all');
    return;
  }
  $data['user'] = $this->user->get($username);
  $this->load->view('users/profile', $data);
}

Model:
Code:
function get($username = FALSE) {
  if ($username !== FALSE) {
    $username = (str) $username;
    $query = $this->db->get('users', array('username' => $username), 1, 0);
    if ($query->num_rows() === 1) {
      return $query->row_array();
    }
  }
  return FALSE;
}

View file:
Code:
<?php if ($user !== FALSE): ?>
  <?php // Echo out the user's profile information ?>
<?php else: ?>
  <p>We couldn't find a user with that username!</p>
&lt;?php endif; ?&gt;
#3

[eluser]roj[/eluser]
While I recommend the advice above, there's also the option to turn off php errors. Read the user guide (Codeigniter error reporting), especially the bit at the top. Reading up in the php manual would help too (PHP error reporting). It's also useful that the log files will still record the errors so you can keep track of what's going wrong.
#4

[eluser]Unknown[/eluser]
Thanks Michael & roj for the helpful answers

@michael - I agree, best practice is to ensure no matter how the user meddles, they will always be programmatically degraded - However I've pushed something out the door that doesn't do that entirely just yet, and until then I'd like to suppress by brute force!

@roj Perfect, thanks for your help!




Theme © iAndrew 2016 - Forum software by © MyBB